package com.example.ruiji.controller;


import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.example.ruiji.pojo.Employee;
import com.example.ruiji.pojo.R;
import com.example.ruiji.service.EmployeeService;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.lang.reflect.InvocationTargetException;
import java.time.LocalDateTime;

@Slf4j
@RestController //该类控制器 +返回值 自动转json
@RequestMapping("/employee")
public class EmployeeController {
@Autowired
private EmployeeService employeeService;
    @PostMapping("login")
    //r是响应对象封装类
public R<Employee> login(HttpServletRequest request, @RequestBody Employee employee)
    {
        //1、将页面提交的密码password进行md5加密处理
       String password=employee.getPassword();
//字节加密 md5 ps->用哈希也行 这样谁都不知道密码 把这个想法留给聊天类项目把
        password= DigestUtils.md5DigestAsHex(password.getBytes());

        //2、根据页面提交的用户名username查询数据库
        LambdaQueryWrapper<Employee> queryWrapper = new LambdaQueryWrapper<>();
        //根据该条件查询
        queryWrapper.eq(Employee::getUsername,employee.getUsername());
        Employee emp=employeeService.getOne(queryWrapper);
        //3、如果没有查询到则返回登录失败结果
        if(emp==null)
        {
            return R.error("登录失败 无用户信息");
        }

        //4、密码比对，如果不一致则返回登录失败结果

        if(!emp.getPassword().equals(password))
        {
            return R.error("登录失败 无密码信息");
        }

        //5、查看员工状态，如果为已禁用状态，则返回员工已禁用结果
        if(emp.getStatus()==0)
        {
            return R.error("你的账号已被禁用 联系管理员说明");
        }
        //6、登录成功，将员工id存入Session并返回登录成功结果
        request.getSession().setAttribute("employee",emp.getId());



        return R.success(emp);
    }

    @PostMapping("/logout")
    public  R<String> logout(HttpServletRequest request)
    {
//清除Session
        request.getSession().removeAttribute("employee");

        return R.success("退出成功");
    }

    //新增员工
    @PostMapping
    public  R<String> save(HttpServletRequest request,@RequestBody Employee employee)
    {
        log.info("员工添加");
        //补全内容
        employee.setPassword(DigestUtils.md5DigestAsHex(("123456").getBytes()));
        employee.setCreateTime(LocalDateTime.now());
        employee.setUpdateTime(LocalDateTime.now());
        //获取 ID seeion
        Long emid= (Long) request.getSession().getAttribute("employee");

        employee.setCreateUser(emid);
        employee.setUpdateUser(emid);

        employeeService.save(employee);
        return R.success("成功了");
    }

    //员工分页查询
    @GetMapping("/page")
   public R<Page> page(int page,int pageSize,String name)
    {
        ///配置分页插件 --返回数据库所查询的页码值
       Page Pageinfo=new Page(page,pageSize);
        //构造条件构造器
        LambdaUpdateWrapper<Employee> queryWrapper=new LambdaUpdateWrapper();
        //添加过滤条件
        queryWrapper.like(StringUtils.isNotEmpty(name),Employee::getName,name);
        //添加排序条件
        queryWrapper.orderByDesc(Employee::getUpdateTime);

        //执行查询
        employeeService.page(Pageinfo,queryWrapper);
        return R.success(Pageinfo);
    }
//员工的修改 先查询再修改
    //http://localhost:8080/employee/1717441014203846700
    @GetMapping("/{id}")
    public  R<Employee> getid(@PathVariable Long id)
    {
  log.info(String.valueOf(id));
  Employee employee=employeeService.getById(id);
  if(employee!=null)
  {
       return  R.success(employee);
  }


  return R.error("无员工数据");

//ps 更换默认序列号 防止前端js发送long数据到服务器出现精度丢失 存储不下的情况
        //后端将序列号部分进行字符串发送

    }
@PutMapping
public R<String> Update(HttpServletRequest request,@RequestBody Employee employee,HttpSession session)
    {
///补值
    ///  Long id= (Long) request.getSession().getAttribute("employee");

        //只有admin才能进行禁用
        Long employee1 = (Long)session.getAttribute("employee");
        Long id = employee.getId();
        if( employee1.equals(1L)||employee1.equals(id))
        {
            employeeService.updateById(employee);

            return R.success("用户:"+employee.getName()+"修改成功");
        }
        return R.error("非法权限");

    }
}
///有许多的权限BUG 比如我们可以拿到普通用户的SEEION 通过接口方式来禁用admin
